Assignment 2 Instructions (JM RSC)
Assignment 2: Mister Network Engineer
Due Week 8 and worth 80 points
Using the network diagram located here, incorporate into the diagram the devices on the lower right to create a secure corporate network. The devices you must incorporate into the network diagram include: Web server, FTP server, vulnerability scanner, anti-virus server (client-based / server-based), Web proxy, intrusion detection system (IDS), and authentication server.
Note: All client-based / server-based devices work where a client is installed on a workstation, which has bidirectional communication with a corresponding server.
Write a paper in which you:
1. Determine which devices you will use for both the current network diagram infrastructure consisting of firewalls, routers, and workstations as well as the device(s) you need to incorporate. Include the following for each:
• Make or vendor’s name (e.g., Microsoft, Red Hat, Cisco, Juniper, Netgear, 3Com, etc.)
• Model (e.g., Windows 7, ASA 5500, Cisco 3500, Squid, etc.)
• IP address assigned to all devices
2. Establish the configuration for each device in which you:
• Research each of the devices you chose and provide a basic configuration you would use in your network.
• Use IP addresses to describe your configuration.
• Explain the impact that each of your configurations has on the security of the entire network.
• Highlight at least five (5) security features for each device, including devices in network diagram.
3. Using Microsoft Visio or its open source alternative, create a final network diagram that incorporates all devices into the existing network and ensures the following:
• VPN sessions (from laptop) are only allowed to access the desktops in the IT department by IT department employees.
• All VPN connections from the Internet cloud into the corporate network terminate at the VPN server.
• Users from Engineering and Finance and Accounting CANNOT communicate.
• Vulnerability scans occur daily in which all desktops are scanned at least once per day.
4. Use at least four (4) quality resources in this assignment. (Note: Wikipedia and similar websites do not qualify as quality resources.)
5. Include charts or diagrams created in Visio or an equivalent such as Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitted.

Term Paper Project: Designing a Secure Network
This term paper involves putting together the various concepts learned throughout this course. You are tasked with designing the most secure network possible, keeping in mind your goal of supporting three (3) IT services: email, file transfer (centralized), and VPN. Your first step is to design a single network capable of supporting three (3) different services. Once you have fully designed your network, you will need to provide three (3) workflow diagrams explaining how your designed network handles the three (3) different transactions. The first is an internal user sending an email using his / her corporate email address to a user on the Yahoo domain with an arbitrary address of The second workflow diagram should show a user initiating an FTP session from inside your network to the arbitrary site of The third workflow is an externally located employee initiating a VPN session to corporate in order to access files on the Windows desktop computer, DT-Corp534-HellenS, at work.
Write a paper in which you complete the following three (3) parts. Note: Please use the following breakdown to complete your assignment:
• Overall network diagram
• Datapath diagrams (one for each of the steps in the scenarios below)
• Write-up
Part 1
1a. Using Microsoft Visio or its open source alternative, create a diagram showing the overall network you’ve designed, from the user or endpoint device to the Internet cloud, and everything in between, in which you:
• Follow the access, core, distribution layer model.
• Include at a minimum:
• The authentication server (i.e. Microsoft Active Directory)
• Routers
• Switches (and/or hubs)
• Local users
• Remote users
• Workstations
• File share (i.e. CIFS)
• Mail server
• Web servers (both internal and external)
• Firewalls
• Internet cloud
• Web proxy
• Email proxy
• FTP server (for internal-to-external transport)
1b. Explain each network device’s function and your specific configuration of each networking device.
1c. Design and label the bandwidth availability or capacity for each wired connection.
Part 2
2a. Using Microsoft Visio or its open source alternative, create a Datapath Diagram for the following scenario:
Local user sends email to a Yahoo recipient. Local (corporate) user having email address sends an email to
• Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination.
• Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow.
• Show user authentication when necessary.
2b. Using Microsoft Visio or its open source alternative, create a Datapath Diagram for the following scenario:
Local user, Jonny Hill, transfers a file using FTP through the Internet to another company’s site ( He has to access the secure shell using his Active Directory credentials to authenticate to the FTP server (Linux running Red Hat) on the DMZ. He needs to transfer files from his desktop across the Internet to
• Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination.
• Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow.
• Show user authentication when necessary.
2c. Using Microsoft Visio or its open source alternative, create a Datapath Diagram for the following scenario:
Remote user, Hellen Stover, connects via VPN from home through the Internet to her corporate desktop, DT-Corp534-HellenS. Hellen uses a browser to initiate her VPN connection. By browsing to, she arrives at a login page where she needs to authenticate using her Active Directory credentials before the VPN tunnel is built.
• Document and label the diagram showing protocols and path of the data flow as data traverses through your network from source to destination.
• Include path lines with arrows showing directions and layer 1, 2, 3, 4, 5, 6, and 7 (OSI) protocols that are used for each flow.
• Show user authentication when necessary.
2d. Explain how your overall design protects the organization from both inside and outside attacks. Give examples.
2e. Explain how your layered design compensates for possible device failures or breaches in network security.
2f. Determine whether any possible bottlenecks exist in your design.
2g. Explain how to make the file transfer process more secure.
Part 3
1. Use at least five (5) quality resources in this assignment. (Note: Wikipedia and similar websites do not qualify as quality resources.)
2. Include charts or diagrams created in Visio or an equivalent such as Dia. The completed diagrams/charts must be imported into the Word document before the paper is submitted.
3. Your assignment must follow these formatting requirements:
• Use proper APA format.
• Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page (if applicable) are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
• Explain the essentials of Transmission Control Protocol / Internet Protocol (TCP / IP) behavior and applications used in IP networking.
• Identify network security tools and discuss techniques for network protection.
• Describe the foundational concepts of VPNs.
• Design a secure network to address a business problem.
• Use technology and information resources to research issues in network security design.
• Write clearly and concisely about Advanced Network Security Design topics using proper writing mechanics and technical style conventions.

